In the Public Interest
Global shrink costs retailers at least $119 billion a year, and that number continues to grow due to shoplifters and dishonest employees, according to the most recent Global Retail Theft Barometer report. This issue isn’t just confined to the retail industry, though; municipalities with warehouses that service water, sanitation, school, police, fire, and transportation services are losing millions of dollars each year to inventory theft, often at the hands of employees within their own logistics operations.
Municipal facilities typically are not as well supported with the state-of-the-art physical security technologies and advanced inventory and property management systems used by for-profit businesses. Municipalities face numerous issues that compete for a limited budget, and city warehouses and logistics operations are often assumed by city leadership to be running smoothly and don’t receive the security funding they may need.
However, a closer look at municipal supply chain facilities reveals that many are leaking public funds due to preventable gaps in security. Stolen inventory not only costs the municipality the item’s value, but also the cost of replacing the equipment—often at double the original price.
Various factors make warehouses an attractive target, and poor workplace culture often contributes to lax security. But security professionals can use sound methods to implement a quality security program at even the most dysfunctional facility.
AN ATTRACTIVE TARGET
Many items in municipal warehouses are replacements for infrastructure around the city that will fail over time. For example, if a sewer system is installed and there’s a particular valve that is unique to that system, project managers know that by the time the valve needs replacing it will be off the market. Therefore, four extra valves are purchased at the time of installation and will be put on a shelf in the municipality’s warehouse. Eventually the valve will fail and need to be replaced. If the extra inventory is not available, that entire section of the sewer system might need to be replaced, costing 10 times the amount of the valve.
All of these custom parts and supplies are stored at warehouses throughout the municipality and can be appealing to thieves. The abundance of copper, brass, and electronics is tempting for criminals—a copper fitting can cost $5 to $7 each, with a scrap value of $2 or $3. They are small, so someone could fit 20 of them in a pocket and walk out of the warehouse without being noticed.
Specialized products, like plumbing parts and pool chemicals, can prove to be even more lucrative targets. Thieves can sell off chemicals meant to treat the municipality’s pools to hotels or apartment complexes looking to save a buck. Even custom-made parts have value. For example, an apartment complex may be required to install a particular type of valve that costs $50,000 on its grounds. After 40 years, it’s time for the valve to be replaced, but someone can provide the part needed for only $12,000. Less scrupulous contractors wouldn’t bat an eye at this; once the valve is in the ground, nobody will ask where it came from.
It’s also common to see crimes of opportunity—if an employee sees five copper parts sitting on a shelf collecting dust for years, it’s tempting to take one because nobody will know it’s missing, and there are still four others.
A CULTURE OF COMPLACENCY
Warehouse personnel at one municipal facility spent weeks counting inventory and filling out inventory control cards in the weeks leading up to an independent audit. Auditors compared their sample list to those cards, accepted the count on the cards as accurate, and moved on, finding no wrongdoing. However, warehouse personnel had been instructed by managers to change the number in the inventory database to match the floor count because fluctuations in the count were assumed to be system input errors instead of loss from theft.
This culture is difficult to correct. In commercial warehouses, when an employee is not following procedures, it is relatively easy to release that person. But in the municipal world it’s a much harder process. It’s very hard to fire somebody, or to even look into an event without stirring up a lot of problems.
It’s not uncommon to have parts in a warehouse that have been on the shelf from before the facility’s employees were born. In the private sector, profit is a huge driving force. If money isn’t being made and products aren’t being moved quickly in and out of warehouses, the business will fail. Commercial warehouse managers are held accountable for their inventory control, because companies can’t afford to lose tens of thousands of dollars of merchandise a week.
There’s not the same level of accountability at the government level because it’s not a profit-driven entity. At municipal warehouses, the loss is not really a driving factor in making sure that parts are accounted for and properly taken care of. Because of this, a combination of employee complacency and a lack of strong inventory practices can lead to waste that can go unnoticed for years.
BUILDING A PROGRAM
Developing a structured approach that addresses the specific needs of municipal warehouses is critical because it keeps management involved and provides clear and consistent guidance to all employees throughout the municipality. An effective security program is dependent on a strong training and managerial foundation supported by robust physical security, up-to-date technology, validated processes, outside quality assurance, and well-defined controls.
Senior management. The strongest tool for validating the success or failure of logistics warehouse inventory control programs is an engaged and proactive administrator. Senior management is ultimately responsible for warehouse operations, but the problem at the municipal level is that city managers don’t feel invested. After an outside investigation was conducted in one city, 15 people lost their jobs, including the director, who had been with the city for 20 years. He didn’t steal anything, but he allowed $4 million in inventory to walk out the door during his tenure there.
Absent leadership is viewed by staff members as an open invitation to bypass protocols and clears the way for fraud and abuse. It is imperative that managers manage from the front line. They must view, review, and fully understand every process at every location. This is the only way to identify and correct or account for variations in local logistics, security, and management functions.
Property management, including inventory and warehouse functions, is a primary task that should be performed by experienced and accountable managers. While managers do not need direct inventory or logistics experience, they do need to have strong managerial skills and a full understanding of security and process controls. Such skills are critical to understanding the general challenges associated with the inventory and property management process.
Quality control. Inventory processes are not self-monitoring. They need continuous validation and control. Left unchecked, they rapidly lose direction and drift off course. This is especially true in municipalities with multiple remote facilities since these normally depend heavily on peer-to-peer validation, which assumes that everyone fully understands each process element and knows how those elements fit together as part of the overall function.
Inventory audits may not be efficient in helping detect sophisticated theft, either. Because large municipal inventories requiring manual reconciliation can take weeks and cost tens of thousands of dollars, most municipal audit programs only sample a random, small portion—often less than 1 percent—of inventory. These issues can overlap to hide systematic insider wrongdoing.
The implementation of process-based compliance checks that can be carried out in person or remotely is paramount. Depending on the number of operational sites, management should conduct checks weekly to ensure compliance and collect change recommendations. Additionally, team members at every level should be given the opportunity to reflect and comment on process changes and make suggestions to improve efficiency.
Employee training. The linchpin to building and maintaining a successful operation is training employees. In many property management and inventory support programs, training is often restricted to a couple of hours of introductory instruction or a few days of on-the-job training. Employees rarely receive formal training and depend on other employees when developing process understanding and proper procedures.
Staff working in municipal warehouses often operate in an environment that is characterized by a dependence on decentralized controls using site-specific processes, dependence on internal accountability, and the use of antiquated physical security and inventory control technology. There is often a lack of external oversight, as well as inconsistent tracking and reporting procedures.
Unfortunately, the vast majority of inventory theft and misappropriation at the municipal level is the result of illegal behavior by internal staff, often over extended periods of time. Because they know the facility, understand the inventory process and its weaknesses, and are least likely to garner suspicion, long-term employees are the ones most likely to successfully defraud their organization. For employees, the knowledge that senior leadership will almost never set foot on a job site minimizes the importance of functional accuracy and accountability and opens the door to fraud.
Physical security. Effective security in an inventory support environment is not a single function. To be most effective, security should become part of a culture consisting of threat understanding, personnel awareness, and technology support designed specifically to counter threats unique to property and inventory warehousing and management. It is an ordered process with each step dependent on the findings of the previous step.
Property management and inventory security is unique among security functions and requires specialized skills. Unlike normal physical security plans, property management and inventory control plans deal with security as just one function of a complex, layered protection concept. If the internal security team lacks the specific experience and skills to successfully design a property management and inventory control security program, the company should consider hiring an outside consultant.
A specialized property management and inventory security program will have custom prevention and response framework designed to identify internal and external security risks. A threat awareness campaign for management and warehouse staff should clearly explain the threat, define reporting methods, and create an overall atmosphere of security awareness. Finally, a physical security plan should combine physical security, technical surveillance, access controls, and personnel compliance.
Technology. In addition to providing protection, technology can provide critical insight into the state of a facility’s physical security; however, tools such as surveillance technology and advanced access control should not be viewed as comprehensive solutions.
Access control programs are, without question, the single most common security point of failure at the municipal level because the biggest threat to a facility’s wares comes from a current or former employee gaining after-hours access using a copy of a key he or she acquired.
One of the most frustrating and preventable fraud-related issues stems from weak software control. Inventory control software tends not to be backward compatible, requiring site-specific modifications to data entry processes. Using multiple versions of the same security software forces differentiations in handling inventory and security protocols between sites and opens a program up to abuse.
For example, one operation had seven different versions of an inventory control software system spread across 10 sites. This required 10 unique data entry processes, none of which reported activity in the same method or format. There was no way to follow and track inventory from a central point. Managers at one warehouse checked their inventory for a certain part and came up empty. The managers believed they didn’t have the part, so they went online and ordered it. There was no way for them to know that there were 25 of those parts in a warehouse across town. Those 25 parts, meanwhile, look like surplus and are thus an attractive target for thieves.
User access can also lead to discrepancies in software systems. For example, if administrators and employees with unfettered access are allowed to modify counts within inventory control software, they should be required to have a second person validate the change to reduce the possibility of fraud.
Site-specific processes. The inability or unwillingness of warehouse and inventory support teams to follow approved processes and operational protocols is the most frequently identified inventory management point of failure. This failure starts at the top when senior management makes the assumption that new policy directives, published as a common set of standardized operational procedures, will be automatically and effortlessly implemented and understood.
However, in organizations where more than one inventory warehouse is used to support operations, it is rare to find any two facilities that follow the same procedures. When change is introduced, there is a strong propensity for local supervisors and employees to view the change as unnecessary or intrusive. This is especially true when employees or supervisors feel threatened by the change or are left in the dark as to why the change is needed.
The weak link is not the policy itself but management’s failure to involve facility personnel in process development. Physical facility layout and technology variations among sites are unavoidable; even facilities built using the same conceptual plans vary. These variations can be minor, requiring slight deviations from stated protocol, or so significant that the standard procedure has little or no applicability. Involving experts from each facility helps the process development team identify issues as each protocol is being developed or modified and allows the team to amend the process and overcome site-specific issues.
External assessments. Obtaining a comprehensive operational and security assessment is vital to protecting valuable inventory. Internal process monitoring, especially in environments with a history of ignoring or modifying procedural requirements, can be extremely ineffective, opens the door to fraud and abuse, and can compromise safety and security.
Internal assessment resources can be selective in their evaluations and protective of senior staff. There is a tendency to use other municipal resources to conduct an audit, but municipal personnel from other operations may still feel pressure to provide specific findings.
Teaming with an outside security and loss prevention partner can help to capture risks before they become problems. Professional security teams are not affected by internal politics and are more likely to provide an unbiased assessment of personnel issues.
To address all of these issues, municipalities should consider establishing a hybrid team consisting of external subject matter experts and evaluators and internal audit and management evaluators.
This quality assessment team can provide more than a summary of findings. The team should work directly with warehouse managers to develop, implement, and manage a viable, cost effective, multi-stage security architecture that blends technical, operational, and awareness functions. After completing this process, the team can develop a support strategy that carries the organization through the corrective action process. Recommendations should be detailed enough to offer resolution for any security vulnerabilities they find but not so specific as to tie the process to an exclusive vendor or organization. The end result will be an efficient and effective municipal organization with an invested management team that values employees while also protecting inventory.
Robert Jasinski is director of executive protection for Lowe's Companies in Mooresville, North Carolina. Marshall K. James is director of training for JGW Group in Reston, Virginia. Jasinski and James are both members of ASIS International. The material in this article was researched and authored by Jasinski and James while employees of SoBran, Inc.